Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2015-12-15 | CVE-2015-7499 | Heap-based buffer overflow in the xmlGROW function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to obtain sensitive process memory information via unspecified vectors. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Leap, Opensuse, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Libxml2 | N/A | ||
| 2015-12-15 | CVE-2015-7497 | Heap-based buffer overflow in the xmlDictComputeFastQKey function in dict.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors. | Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Libxml2 | N/A | ||
| 2015-12-15 | CVE-2015-7498 | Heap-based buffer overflow in the xmlParseXmlDecl function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service via unspecified vectors related to extracting errors after an encoding conversion failure. | Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Libxml2 | N/A | ||
| 2015-12-15 | CVE-2015-7500 | The xmlParseMisc function in parser.c in libxml2 before 2.9.3 allows context-dependent attackers to cause a denial of service (out-of-bounds heap read) via unspecified vectors related to incorrect entities boundaries and start tags. | Iphone_os, Mac_os_x, Tvos, Watchos, Ubuntu_linux, Debian_linux, Icewall_federation_agent, Icewall_file_manager, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation, Libxml2 | N/A | ||
| 2015-12-17 | CVE-2015-5277 | The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database. | Ubuntu_linux, Glibc, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_server, Enterprise_linux_workstation | N/A | ||
| 2016-01-12 | CVE-2015-1779 | The VNC websocket frame decoder in QEMU allows remote attackers to cause a denial of service (memory and CPU consumption) via a large (1) websocket payload or (2) HTTP headers section. | Ubuntu_linux, Debian_linux, Fedora, Linux, Qemu, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Virtualization | 8.6 | ||
| 2016-02-08 | CVE-2016-0728 | The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service (integer overflow and use-after-free) via crafted keyctl commands. | Ubuntu_linux, Debian_linux, Android, Server_migration_pack, Linux_kernel | 7.8 | ||
| 2016-02-18 | CVE-2015-7547 | Multiple stack-based buffer overflows in the (1) send_dg and (2) send_vc functions in the libresolv library in the GNU C Library (aka glibc or libc6) before 2.23 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted DNS response that triggers a call to the getaddrinfo function with the AF_UNSPEC or AF_INET6 address family, related to performing "dual A/AAAA DNS queries" and the libnss_dns.so.2 NSS module. | Ubuntu_linux, Debian_linux, Big\-Ip_access_policy_manager, Big\-Ip_advanced_firewall_manager, Big\-Ip_analytics, Big\-Ip_application_acceleration_manager, Big\-Ip_application_security_manager, Big\-Ip_domain_name_system, Big\-Ip_link_controller, Big\-Ip_local_traffic_manager, Big\-Ip_policy_enforcement_manager, Glibc, Helion_openstack, Server_migration_pack, Opensuse, Exalogic_infrastructure, Fujitsu_m10_firmware, Enterprise_linux_desktop, Enterprise_linux_hpc_node, Enterprise_linux_hpc_node_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_workstation, Unified_threat_management_software, Linux_enterprise_debuginfo, Linux_enterprise_desktop, Linux_enterprise_server, Linux_enterprise_software_development_kit, Suse_linux_enterprise_server | 8.1 | ||
| 2016-02-18 | CVE-2016-0794 | The lwp filter in LibreOffice before 5.0.4 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LotusWordPro (lwp) document. | Ubuntu_linux, Libreoffice | 7.8 | ||
| 2016-02-18 | CVE-2016-0795 | LibreOffice before 5.0.5 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted LwpTocSuperLayout record in a LotusWordPro (lwp) document. | Ubuntu_linux, Libreoffice | 7.8 |